Abstract: A secure token includes a processor for protecting a first cryptographic key against unauthorized access, and creating a second cryptographic key from the first key and a message unique to an insecure device. The second key is usable for file decryption by the insecure device.

Abstract: In a first aspect, the present invention provides a protocol for communications across a securable communication channel between a first device and a second device. The protocol includes the transmission of a plurality of uniquely identifiable messages which each include security-related data, from the first device to the second device. The protocol includes determining whether a subset of messages that are received by the second device comply with at least one predetermined message criterion and are identifiable as having been sent from the first device. In the event that said subset of messages are determined to comply with the predetermined verification criterion (or criteria) and are identifiable as having been sent from the first device, the security-related data is determined to have been successfully communicated to the second device.

Abstract: In a first aspect the present invention provides a method for verifying that a secure association has been formed between a first device and a second device. The method includes, enabling a user of the first device to select a verification indicator, and encrypting the verification indicator using an encryption key of the first device to form cipher text. The cipher text is then communication to the second device using a multi-part communication protocol, and decrypted using an encryption key of the second device to obtain a received verification indicator. The method includes verifying the association is secure if the received verification indicator is the same as the selected verification indicator.

Abstract: Methods and systems for generating time-based identifiers that are used for identifying items is described. In one embodiment, a master key is assigned to an electronic tag. Time-based other keys are generated based on the master key. Time-based identifiers are generated based on the time-based other keys. The time-based identifiers are useful only for a period of time to a holder of the time-based other keys.

Abstract: An aspect of the present invention is a digital media-playing device. The digital media-playing device includes a controller and a compensation-enabled component for playing digital media coupled to the controller wherein the compensation-enabled component is non-bypassable.

Abstract: A method, and associated apparatus, comprises calculating a first part of a message authentication function by a first processor, calculating a second part of the message authentication function by a second processor, and combining the first and second parts into the message authentication function by the first or second processor. The message authentication function can be used to authenticate data transmitted between the first processor and a third processor.

Abstract: The embodiments described herein generally relate to a method and system of injecting repeatable processes, or workflows, into the processing of data-oriented or procedural requests in an entity management system. A request in such a system is subject to authentication, authorization, and action phases of processing, and workflows may be associated with each phase for automatic processing upon the triggering of a certain request under particular circumstances. A declarative mapping associates workflows with the request type, phase, requester, and target. The mapping may be created at the system administrator level, or by any person with the necessary capabilities, through the application of the processing concept in API or UI and may be consulted and invoked upon receipt of a request matching the mapping's criteria. Mappings may also be created and retrieved to manage state changes resulting from processing in other phases of the request processing model.

Abstract: The present invention provides for validating an association between computing devices using a succession of human-perceptible stimuli such as sounds, lights colors or shapes. Commands are sent from the initiating device to the responding device in encrypted messages. Human-perceptible stimuli are formed at the responding device in response to at least some of the commands. The responder searches for messages that the responder is unable to decrypt and that are received in a time interval before messages that the responder is able to decrypt. The succession of human-perceptible stimuli may be harmonized, in which case, an association between the initiating device and the responding device is validated when the human-perceptible stimuli formed by the initiating device and the human-perceptible stimuli formed by the responding device are harmonized together.

Abstract: The intuitive display of trace historical data in a manner that processing control transfer between processing entities is represented in the context of trace data from multiple processing entities. For each processing entity, a set of one or more trace entries are identified for that processing entity and displayed in a manner that the trace entries for the processing entity are shown associated with the processing entity. The transfer of control between processing entities is also shown in a manner that illustrates a transfer of processing control.

Abstract: A system of securing communications, comprising a plurality of computer peripheral resources, a beacon in signal communication with and located proximate each computer peripheral resource and configured to communicate using RF signals and ultrasound signals, and a portable device configured to request a listing of the computer peripheral resources using wireless network communication and to guide a user to a selected one of the computer peripheral resources using the RF and the ultrasound signals by way of the corresponding beacon, the portable device and the selected computer peripheral resource being configured to exchange encryption keys validated using signals from the beacon and to communicate with each other using encrypted network communication. Also provided is a communication system, comprising first and second portable devices respectively configured to use RF signals and ultrasound signals and to exchange encryption keys and to communicate with each other using encrypted network communication.

Abstract: In a first aspect, the present invention provides a protocol for communications across a securable communication channel between a first device and a second device. The protocol includes the transmission of a plurality of uniquely identifiable messages which each include security-related data, from the first device to the second device. The protocol includes determining whether a subset of messages that are received by the second device comply with at least one predetermined message criterion and are identifiable as having been sent from the first device. In the event that said subset of messages are determined to comply with the predetermined verification criterion (or criteria) and are identifiable as having been sent from the first device, the security-related data is determined to have been successfully communicated to the second device.

Abstract: In a first aspect the present invention provides a method for verifying that a secure association has been formed between a first device and a second device. The method includes, enabling a user of the first device to select a verification indicator, and encrypting the verification indicator using an encryption key of the first device to form cipher text. The cipher text is then communication to the second device using a multi-part communication protocol, and decrypted using an encryption key of the second device to obtain a received verification indicator. The method includes verifying the association is secure if the received verification indicator is the same as the selected verification indicator.

Abstract: There is disclosed a method for verifying that a secure association has been formed between a first device and a second device by comparing a secret key of the first device to a secret key of the second device. The method includes transforming the secret key of the first device and the second device using a predetermined transformation. A user verifiable comparison of the transformed secret key of the first and second devices is performed and if the transformed secret keys of the first and second devices match the association is verified as being secure. The method can include representing the transformed secret keys of the first device and the second device in a user perceptible manner.

Abstract: A method of controlling transmission of content in a network. The method includes the step of applying a quality degradation procedure to content being transmitted between nodes of the network.

Abstract: Techniques for verifying whether an incremental update was correctly applied to a set of hierarchically structured information include determining an overall integrity code for the hierarchically structured information and attaching the overall integrity code to the hierarchically structured information. An incremental update according to the present techniques includes an integrity code that is combined into the overall integrity code attached to the hierarchically structured information when the incremental update is applied to the hierarchically structured information. The integrity code of the incremental update is generated such that when the overall integrity code is recomputed it will match the overall integrity code attached to the hierarchically structured information if the incremental update was correctly applied.

Abstract: The present invention provides for validating an association between computing devices using a succession of human-perceptible stimuli such as sounds, lights colors or shapes. Commands are sent from the initiating device to the responding device in encrypted messages. Human-perceptible stimuli are formed at the responding device in response to at least some of the commands. The responder searches for messages that the responder is unable to decrypt and that are received in a time interval before messages that the responder is able to decrypt. The succession of human-perceptible stimuli may be harmonized, in which case, an association between the initiating device and the responding device is validated when the human-perceptible stimuli formed by the initiating device and the human-perceptible stimuli formed by the responding device are harmonized together.

Abstract: A secure token includes a processor for protecting a first cryptographic key against unauthorized access, and creating a second cryptographic key from the first key and a message unique to an insecure device. The second key is usable for file decryption by the insecure device.

Abstract: A method, and associated apparatus, comprises calculating a first part of a message authentication function by a first processor, calculating a second part of the message authentication function by a second processor, and combining the first and second parts into the message authentication function by the first or second processor. The message authentication function can be used to authenticate data transmitted between the first processor and a third processor.

Abstract: A system of securing communications, comprising a plurality of computer peripheral resources, a beacon in signal communication with and located proximate each computer peripheral resource and configured to communicate using RF signals and ultrasound signals, and a portable device configured to request a listing of the computer peripheral resources using wireless network communication and to guide a user to a selected one of the computer peripheral resources using the RF and the ultrasound signals by way of the corresponding beacon, the portable device and the selected computer peripheral resource being configured to exchange encryption keys validated using signals from the beacon and to communicate with each other using encrypted network communication. Also provided is a communication system, comprising first and second portable devices respectively configured to use RF signals and ultrasound signals and to exchange encryption keys and to communicate with each other using encrypted network communication.